mirror of https://github.com/Luzifer/go-dhparam.git synced 2024-12-20 11:01:19 +00:00

Fix linter errors, update required Go version

Knut Ahlers 2024-09-20 10:08:32 +02:00
parent a42823ee10
commit 07b2fd08e7
Signed by: luzifer
SSH key fingerprint: SHA256:/xtE5lCgiRDQr8SLxHMS92ZBlACmATUmF1crK16Ks4E
7 changed files with 32 additions and 37 deletions


@ -9,8 +9,8 @@ jobs:
strategy: strategy:
matrix: matrix:
version: version:
- '1.19-alpine' - '1.22-alpine'
- '1.20-alpine' - '1.23-alpine'
- alpine - alpine
defaults: defaults:


@ -1,11 +0,0 @@
language: go
go:
- 1.12.x
- 1.13.x
- 1.14.x
- tip
script:
- go vet
- go test -v -cover -timeout 1800s

4
dh.go

@ -1,3 +1,5 @@
// Package dhparam is a pure Golang implementation of the openssl
// dhparam generator no requiring any CGO bindings
package dhparam package dhparam
import ( import (
@ -23,7 +25,7 @@ type DH struct {
// Decode reads a DH parameters struct from its PEM data // Decode reads a DH parameters struct from its PEM data
func Decode(pemData []byte) (*DH, error) { func Decode(pemData []byte) (*DH, error) {
if pemData == nil || len(pemData) == 0 { if len(pemData) == 0 {
return nil, ErrNoPem return nil, ErrNoPem
} }
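Review bot: The package comment added at the top of dh.go reads "no requiring any CGO bindings", which should be "not requiring". This text becomes the package summary in generated documentation, so it is worth correcting in the same commit: `// dhparam generator not requiring any CGO bindings`. Decode's body continues outside the second hunk.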


@ -59,9 +59,9 @@ func GenerateWithContext(ctx context.Context, bits int, generator Generator, cb
} }
switch generator { switch generator {
case 2: case 2: //nolint:mnd
padd, rem = 24, 11 padd, rem = 24, 11
case 5: case 5: //nolint:mnd
padd, rem = 10, 3 padd, rem = 10, 3
default: default:
padd, rem = 2, 1 padd, rem = 2, 1
@ -70,7 +70,7 @@ func GenerateWithContext(ctx context.Context, bits int, generator Generator, cb
for { for {
select { select {
case <-ctx.Done(): case <-ctx.Done():
return nil, ctx.Err() return nil, ctx.Err() //nolint:wrapcheck // Fine in this case
default: default:
if prime, err = genPrime(bits, big.NewInt(padd), big.NewInt(rem)); err != nil { if prime, err = genPrime(bits, big.NewInt(padd), big.NewInt(rem)); err != nil {
return nil, err return nil, err
@ -107,7 +107,7 @@ func genPrime(bits int, padd, rem *big.Int) (*big.Int, error) {
err error err error
p = new(big.Int) p = new(big.Int)
qadd = new(big.Int) qadd = new(big.Int)
q = new(big.Int) q *big.Int
t1 = new(big.Int) t1 = new(big.Int)
) )
@ -146,10 +146,11 @@ func mightBePrime(i *big.Int) bool {
return true return true
} }
//nolint:mnd
func genRand(bits int) (*big.Int, error) { func genRand(bits int) (*big.Int, error) {
bytes := (bits + 7) / 8 bytes := (bits + 7) / 8
bit := (bits - 1) % 8 bit := (bits - 1) % 8
mask := 0xff << uint(bit+1) mask := 0xff << uint(bit+1) //#nosec:G115 // Should only ever run with positive ints
buf := make([]byte, bytes) buf := make([]byte, bytes)
if _, err := rand.Read(buf); err != nil { if _, err := rand.Read(buf); err != nil {
@ -160,7 +161,7 @@ func genRand(bits int) (*big.Int, error) {
buf[0] = 1 buf[0] = 1
buf[1] |= 0x80 buf[1] |= 0x80
} else { } else {
buf[0] |= 3 << uint(bit-1) buf[0] |= 3 << uint(bit-1) //#nosec:G115 // Should only ever run with positive ints
} }
buf[0] &= byte(^mask) buf[0] &= byte(^mask)
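Review bot: The two `#nosec:G115` suppressions in genRand justify the int-to-uint conversions with "Should only ever run with positive ints", but nothing in the visible lines enforces that invariant. `bits` originates from the exported GenerateWithContext parameter and feeds `(bits - 1) % 8`, which is negative in Go when `bits <= 0`, and `make([]byte, bytes)` then sees a zero or negative length. If no caller validates the size (these hunks do not show one), a guard at the top of genRand such as `if bits <= 0 { return nil, errors.New("bit size must be positive") }`, or an existing sentinel error, would make the stated assumption true rather than assumed. Otherwise the suppression comment should name where the check lives. genRand and GenerateWithContext both start and end outside these hunks.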


@ -11,6 +11,7 @@ import (
"time" "time"
) )
//nolint:errcheck,gosec,revive
func opensslOutput(r GeneratorResult) { func opensslOutput(r GeneratorResult) {
switch r { switch r {
case GeneratorFoundPossiblePrime: case GeneratorFoundPossiblePrime:
@ -39,15 +40,15 @@ func execGeneratorIntegration(t *testing.T, bitsize int, generator Generator) {
if err != nil { if err != nil {
t.Fatalf("Unable to create tempfile: %s", err) t.Fatalf("Unable to create tempfile: %s", err)
} }
defer os.Remove(f.Name()) defer os.Remove(f.Name()) //nolint:errcheck
if _, err = f.Write(pem); err != nil { if _, err = f.Write(pem); err != nil {
t.Fatalf("Unable to write tempfile: %s", err) t.Fatalf("Unable to write tempfile: %s", err)
} }
f.Close() f.Close() //nolint:errcheck,gosec,revive
cmd := exec.Command("openssl", "dhparam", "-inform", "PEM", "-in", f.Name(), "-check", "-noout", "-text") cmd := exec.Command("openssl", "dhparam", "-inform", "PEM", "-in", f.Name(), "-check", "-noout", "-text") //#nosec:G204 // Only for tests
cmd.Stdin = bytes.NewReader(pem) cmd.Stdin = bytes.NewReader(pem)
cmd.Stdout = buf cmd.Stdout = buf
cmd.Stderr = buf cmd.Stderr = buf
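Review bot: `f.Close() //nolint:errcheck,gosec,revive` silences three linters on a call whose failure matters here, because openssl is then pointed at that file through `-in`. A failed close can leave the PEM incompletely written, and the test would then fail with a misleading openssl message instead of the real cause. Checking the error is as short as the suppression: `if err = f.Close(); err != nil { t.Fatalf("Unable to close tempfile: %s", err) }`. The function-level `//nolint:errcheck,gosec,revive` on opensslOutput is similarly broad and would benefit from a short reason, as was done for the `#nosec:G204` line. execGeneratorIntegration continues outside the hunk.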

2
go.mod

@ -1,3 +1,3 @@
module github.com/Luzifer/go-dhparam module github.com/Luzifer/go-dhparam
go 1.19 go 1.22


@ -1,18 +1,19 @@
package dhparam package dhparam
import ( import (
"math/big"
"errors" "errors"
"math/big"
) )
const dhCheckPNotPrime = 0x01 const (
const dhCheckPNotSafePrime = 0x02 dhCheckPNotPrime = 0x01
const dhUnableToCheckGenerator = 0x04 dhCheckPNotSafePrime = 0x02
const dhNotSuitableGenerator = 0x08 dhUnableToCheckGenerator = 0x04
const dhCheckQNotPrime = 0x10 dhNotSuitableGenerator = 0x08
const dhCheckInvalidQValue = 0x20 dhCheckQNotPrime = 0x10
const dhCheckInvalidJValue = 0x40 dhCheckInvalidQValue = 0x20
dhCheckInvalidJValue = 0x40
)
// ErrAllParametersOK is defined to check whether the returned error from Check is indeed no error // ErrAllParametersOK is defined to check whether the returned error from Check is indeed no error
// For simplicity reasons it is defined as an error instead of an additional result parameter // For simplicity reasons it is defined as an error instead of an additional result parameter
@ -71,19 +72,20 @@ func (d DH) Check() ([]error, bool) {
return result, ok return result, ok
} }
//revive:disable-next-line:confusing-naming // Intended in this case as this is the real functionality
func (d DH) check() int { func (d DH) check() int {
var ret int var ret int
// Check generator // Check generator
switch d.G { switch d.G {
case 2: case 2: //nolint:mnd
l := new(big.Int) l := new(big.Int)
if l.Mod(d.P, big.NewInt(24)); l.Int64() != 11 { if l.Mod(d.P, big.NewInt(24)); l.Int64() != 11 { //nolint:mnd
ret |= dhNotSuitableGenerator ret |= dhNotSuitableGenerator
} }
case 5: case 5: //nolint:mnd
l := new(big.Int) l := new(big.Int)
if l.Mod(d.P, big.NewInt(10)); l.Int64() != 3 && l.Int64() != 7 { if l.Mod(d.P, big.NewInt(10)); l.Int64() != 3 && l.Int64() != 7 { //nolint:mnd
ret |= dhNotSuitableGenerator ret |= dhNotSuitableGenerator
} }
default: default: